1
22
23 package com.liferay.portlet.portletconfiguration.action;
24
25 import com.liferay.portal.kernel.servlet.SessionErrors;
26 import com.liferay.portal.kernel.servlet.SessionMessages;
27 import com.liferay.portal.kernel.util.Constants;
28 import com.liferay.portal.kernel.util.ParamUtil;
29 import com.liferay.portal.kernel.util.StringUtil;
30 import com.liferay.portal.kernel.util.Validator;
31 import com.liferay.portal.model.Layout;
32 import com.liferay.portal.model.Organization;
33 import com.liferay.portal.model.Portlet;
34 import com.liferay.portal.model.PortletConstants;
35 import com.liferay.portal.model.Resource;
36 import com.liferay.portal.model.UserGroup;
37 import com.liferay.portal.security.auth.PrincipalException;
38 import com.liferay.portal.service.PermissionServiceUtil;
39 import com.liferay.portal.service.PortletLocalServiceUtil;
40 import com.liferay.portal.service.ResourceLocalServiceUtil;
41 import com.liferay.portal.service.ResourcePermissionServiceUtil;
42 import com.liferay.portal.servlet.filters.cache.CacheUtil;
43 import com.liferay.portal.theme.ThemeDisplay;
44 import com.liferay.portal.util.PropsValues;
45 import com.liferay.portal.util.WebKeys;
46
47 import java.util.ArrayList;
48 import java.util.Enumeration;
49 import java.util.List;
50
51 import javax.portlet.ActionRequest;
52 import javax.portlet.ActionResponse;
53 import javax.portlet.PortletConfig;
54 import javax.portlet.RenderRequest;
55 import javax.portlet.RenderResponse;
56
57 import org.apache.struts.action.ActionForm;
58 import org.apache.struts.action.ActionForward;
59 import org.apache.struts.action.ActionMapping;
60
61
66 public class EditPermissionsAction extends EditConfigurationAction {
67
68 public void processAction(
69 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
70 ActionRequest actionRequest, ActionResponse actionResponse)
71 throws Exception {
72
73 String cmd = ParamUtil.getString(actionRequest, Constants.CMD);
74
75 try {
76 if (cmd.equals("group_permissions")) {
77 updateGroupPermissions(actionRequest);
78 }
79 else if (cmd.equals("guest_permissions")) {
80 updateGuestPermissions(actionRequest);
81 }
82 else if (cmd.equals("organization_permissions")) {
83 updateOrganizationPermissions(actionRequest);
84 }
85 else if (cmd.equals("role_permissions")) {
86 updateRolePermissions(actionRequest);
87 }
88 else if (cmd.equals("user_group_permissions")) {
89 updateUserGroupPermissions(actionRequest);
90 }
91 else if (cmd.equals("user_permissions")) {
92 updateUserPermissions(actionRequest);
93 }
94
95 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM < 5) {
96 String redirect = ParamUtil.getString(
97 actionRequest, "permissionsRedirect");
98
99 sendRedirect(actionRequest, actionResponse, redirect);
100 }
101 else {
102 SessionMessages.add(actionRequest, "request_processed");
103 }
104 }
105 catch (Exception e) {
106 if (e instanceof PrincipalException) {
107 SessionErrors.add(actionRequest, e.getClass().getName());
108
109 setForward(
110 actionRequest, "portlet.portlet_configuration.error");
111 }
112 else {
113 throw e;
114 }
115 }
116 }
117
118 public ActionForward render(
119 ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
120 RenderRequest renderRequest, RenderResponse renderResponse)
121 throws Exception {
122
123 ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
124 WebKeys.THEME_DISPLAY);
125
126 long groupId = themeDisplay.getScopeGroupId();
127
128 String portletResource = ParamUtil.getString(
129 renderRequest, "portletResource");
130 String modelResource = ParamUtil.getString(
131 renderRequest, "modelResource");
132 String resourcePrimKey = ParamUtil.getString(
133 renderRequest, "resourcePrimKey");
134
135 String selResource = portletResource;
136
137 if (Validator.isNotNull(modelResource)) {
138 selResource = modelResource;
139 }
140
141 try {
142 PermissionServiceUtil.checkPermission(
143 groupId, selResource, resourcePrimKey);
144 }
145 catch (PrincipalException pe) {
146 SessionErrors.add(
147 renderRequest, PrincipalException.class.getName());
148
149 setForward(renderRequest, "portlet.portlet_configuration.error");
150 }
151
152 Portlet portlet = PortletLocalServiceUtil.getPortletById(
153 themeDisplay.getCompanyId(), portletResource);
154
155 if (portlet != null) {
156 renderResponse.setTitle(getTitle(portlet, renderRequest));
157 }
158
159 return mapping.findForward(getForward(
160 renderRequest, "portlet.portlet_configuration.edit_permissions"));
161 }
162
163 protected String[] getActionIds(ActionRequest actionRequest, long roleId) {
164 List<String> actionIds = new ArrayList<String>();
165
166 Enumeration<String> enu = actionRequest.getParameterNames();
167
168 while (enu.hasMoreElements()) {
169 String name = enu.nextElement();
170
171 if (name.startsWith(roleId + "_ACTION_")) {
172 int pos = name.indexOf("_ACTION_");
173
174 String actionId = name.substring(pos + 8);
175
176 actionIds.add(actionId);
177 }
178 }
179
180 return actionIds.toArray(new String[actionIds.size()]);
181 }
182
183 protected void updateGroupPermissions(ActionRequest actionRequest)
184 throws Exception {
185
186 Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
187
188 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
189 long groupId = ParamUtil.getLong(actionRequest, "groupId");
190 String[] actionIds = StringUtil.split(
191 ParamUtil.getString(actionRequest, "groupIdActionIds"));
192
193 PermissionServiceUtil.setGroupPermissions(
194 groupId, actionIds, resourceId);
195
196 if (!layout.isPrivateLayout()) {
197 Resource resource =
198 ResourceLocalServiceUtil.getResource(resourceId);
199
200 if (resource.getPrimKey().startsWith(
201 layout.getPlid() + PortletConstants.LAYOUT_SEPARATOR)) {
202
203 CacheUtil.clearCache(layout.getCompanyId());
204 }
205 }
206 }
207
208 protected void updateGuestPermissions(ActionRequest actionRequest)
209 throws Exception {
210
211 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
212 WebKeys.THEME_DISPLAY);
213
214 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
215 String[] actionIds = StringUtil.split(
216 ParamUtil.getString(actionRequest, "guestActionIds"));
217
218 PermissionServiceUtil.setUserPermissions(
219 themeDisplay.getDefaultUserId(), themeDisplay.getScopeGroupId(),
220 actionIds, resourceId);
221 }
222
223 protected void updateOrganizationPermissions(ActionRequest actionRequest)
224 throws Exception {
225
226 Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
227
228 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
229 long organizationId = ParamUtil.getLong(
230 actionRequest, "organizationIdsPosValue");
231 String[] actionIds = StringUtil.split(
232 ParamUtil.getString(actionRequest, "organizationIdActionIds"));
233
236 PermissionServiceUtil.setGroupPermissions(
238 Organization.class.getName(), String.valueOf(organizationId),
239 layout.getGroupId(), actionIds, resourceId);
240
245 }
246
247 protected void updateRolePermissions(ActionRequest actionRequest)
248 throws Exception {
249
250 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
251 updateRolePermissions_5(actionRequest);
252 }
253 else if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
254 updateRolePermissions_6(actionRequest);
255 }
256 else {
257 updateRolePermissions_1to4(actionRequest);
258 }
259 }
260
261 protected void updateRolePermissions_1to4(ActionRequest actionRequest)
262 throws Exception {
263
264 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
265 WebKeys.THEME_DISPLAY);
266
267 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
268 long roleId = ParamUtil.getLong(actionRequest, "roleIdsPosValue");
269 String[] actionIds = StringUtil.split(
270 ParamUtil.getString(actionRequest, "roleIdActionIds"));
271
272 PermissionServiceUtil.setRolePermissions(
273 roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
274 }
275
276 protected void updateRolePermissions_5(ActionRequest actionRequest)
277 throws Exception {
278
279 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
280 WebKeys.THEME_DISPLAY);
281
282 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
283 long[] roleIds = StringUtil.split(
284 ParamUtil.getString(
285 actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
286
287 for (long roleId : roleIds) {
288 String[] actionIds = getActionIds(actionRequest, roleId);
289
290 PermissionServiceUtil.setRolePermissions(
291 roleId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
292 }
293 }
294
295 protected void updateRolePermissions_6(ActionRequest actionRequest)
296 throws Exception {
297
298 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
299 WebKeys.THEME_DISPLAY);
300
301 String portletResource = ParamUtil.getString(
302 actionRequest, "portletResource");
303 String modelResource = ParamUtil.getString(
304 actionRequest, "modelResource");
305 long[] roleIds = StringUtil.split(
306 ParamUtil.getString(
307 actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
308
309 String selResource = portletResource;
310
311 if (Validator.isNotNull(modelResource)) {
312 selResource = modelResource;
313 }
314
315 String resourcePrimKey = ParamUtil.getString(
316 actionRequest, "resourcePrimKey");
317
318 for (long roleId : roleIds) {
319 String[] actionIds = getActionIds(actionRequest, roleId);
320
321 ResourcePermissionServiceUtil.setIndividualResourcePermissions(
322 themeDisplay.getScopeGroupId(), themeDisplay.getCompanyId(),
323 selResource, resourcePrimKey, roleId, actionIds);
324 }
325 }
326
327 protected void updateUserGroupPermissions(ActionRequest actionRequest)
328 throws Exception {
329
330 Layout layout = (Layout)actionRequest.getAttribute(WebKeys.LAYOUT);
331
332 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
333 long userGroupId = ParamUtil.getLong(
334 actionRequest, "userGroupIdsPosValue");
335 String[] actionIds = StringUtil.split(
336 ParamUtil.getString(actionRequest, "userGroupIdActionIds"));
337
338 PermissionServiceUtil.setGroupPermissions(
339 UserGroup.class.getName(), String.valueOf(userGroupId),
340 layout.getGroupId(), actionIds, resourceId);
341 }
342
343 protected void updateUserPermissions(ActionRequest actionRequest)
344 throws Exception {
345
346 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
347 WebKeys.THEME_DISPLAY);
348
349 long resourceId = ParamUtil.getLong(actionRequest, "resourceId");
350 long userId = ParamUtil.getLong(actionRequest, "userIdsPosValue");
351 String[] actionIds = StringUtil.split(
352 ParamUtil.getString(actionRequest, "userIdActionIds"));
353
354 PermissionServiceUtil.setUserPermissions(
355 userId, themeDisplay.getScopeGroupId(), actionIds, resourceId);
356 }
357
358 }